I am trying to send patch request using jmeter(which works by postman), i.e i have copied the request from postman, i am using correct header authorization etc still it returns the error 404.
I am using jmeter version 3.2.
PATCH https://dev-api.test.com/walk/v1/walks/77/test/2017101609260477/test/781281212?apikey=ZwQGsEN0f65kORZ8EVQlJWA2bGNbHls0
PATCH data:
{
"status":"Available"
}
[no cookies]
Request Headers:
Connection: keep-alive
Content-Type: application/json
Authorization: Bearer hhjahsj
Content-Length: 26
Host: dev-api.test.com
User-Agent: Apache-HttpClient/4.5.3 (Java/1.8.0_131)
You should choose in HTTP Request Advanced tab Client implementations choose HTTPClient4
If Java implementations is taken, PATCH not supported:
It supports only the following methods: GET, POST, HEAD, OPTIONS, PUT, DELETE and TRACE
Also Notice:
The PUT and PATCH method body must be provided as one of the following:
The PUT and PATCH method body must be provided as one of the
following:
define the body as a file with empty Parameter name field; in which
case the MIME Type is used as the Content-Type
define the body as
parameter value(s) with no name
use the Body Data tab
GET, DELETE, PUT and PATCH require a Content-Type.
If not using a file, attach a Header Manager to the sampler and define
the Content-Type there.
Also according to previous issue add parameters in query as:
https://example.com/user/accountemail=example%40example.com&password=12345678
EDIT
You can also use HTTP Raw Request plugin which support also an HTTP
non standard method
EDIT 2
You can sent PATCH request to test website: https://postman-echo.com/patch
Related
Is there any way to remove the response header location when making a post via HTTP connector in the logic app or via a postman?
Response Headers
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Location: http://xxxx.xxx/api/integrationstatus?id=xxxxx
Date: Thu, 11 Mar 2021 10:13:53 GMT
If you mean remove the Location field from response header just inside the HTTP connector, I'm afraid the answer is "no". And to remove it inside postman, the answer is also "no".
But if your requirement is to get the data of response header, at that time remove the location field. This can be implemented, here provide two solutions for your reference.
1. We can do it by "Execute Javascript Code" action in your logic app. Before use "Execute Javascript Code" action, you need to create integration account and link it to your logic app. Then use the js code like below screenshot:
2. If you do not want to create integration account to use "Execute Javascript Code" action. You can also do it by "Compose" action. List all of other fields in "Compose" by their expression. For example, the expression for Cache-Control is outputs('HTTP')['headers']?['Cache-Control'].
The AWS S3 PUT REST API docs are lacking a clear example of the Authorization string in the Request Syntax.
Request Syntax
PUT /Key+ HTTP/1.1
Host: Bucket.s3.amazonaws.com
x-amz-acl: ACL
Cache-Control: CacheControl
Content-Disposition: ContentDisposition
Content-Encoding: ContentEncoding
Content-Language: ContentLanguage
Content-Length: ContentLength
Content-MD5: ContentMD5
Content-Type: ContentType
Expires: Expires
x-amz-grant-full-control: GrantFullControl
x-amz-grant-read: GrantRead
x-amz-grant-read-acp: GrantReadACP
x-amz-grant-write-acp: GrantWriteACP
x-amz-server-side-encryption: ServerSideEncryption
x-amz-storage-class: StorageClass
x-amz-website-redirect-location: WebsiteRedirectLocation
x-amz-server-side-encryption-customer-algorithm: SSECustomerAlgorithm
x-amz-server-side-encryption-customer-key: SSECustomerKey
x-amz-server-side-encryption-customer-key-MD5: SSECustomerKeyMD5
x-amz-server-side-encryption-aws-kms-key-id: SSEKMSKeyId
x-amz-server-side-encryption-context: SSEKMSEncryptionContext
x-amz-request-payer: RequestPayer
x-amz-tagging: Tagging
x-amz-object-lock-mode: ObjectLockMode
x-amz-object-lock-retain-until-date: ObjectLockRetainUntilDate
x-amz-object-lock-legal-hold: ObjectLockLegalHoldStatus
Body
The docs show this request example further on...
PUT /my-image.jpg HTTP/1.1
Host: myBucket.s3.<Region>.amazonaws.com
Date: Wed, 12 Oct 2009 17:50:00 GMT
Authorization: authorization string
Content-Type: text/plain
Content-Length: 11434
x-amz-meta-author: Janet
Expect: 100-continue
[11434 bytes of object data]
But again, the doc does not have an example format for Auth String. I tried AccessKeyID Secret but that didn't work. I dont' even see logical parameters in the request syntax to pass the two parts of the credential (AccessKeyID and Secret) anywhere in the examples!
Does anyone have a simple example of how to use PUT to add a .json file to S3 using the REST API? Preferrably a screenshot of PostMan setup to better explain where values go (in URL vs. as headers).
From the AWS docs here, it appears it is not possible to create a PUT request to an S3 bucket using REST API alone:
For authenticated requests, unless you are using the AWS SDKs, you have to write code to calculate signatures that provide authentication information in your requests.
This is a new concept to me. I've used token requests and sending keys in headers before when authenticating via REST API's. It sounds like a more secure method of auth.
I'm trying to deploy a lambda function with aws api gateway. I was able to succesfully deploy and test POST and GET methods with Content-Type: application/json by following this blog: http://kennbrodhagen.net/2015/12/06/how-to-create-a-request-object-for-your-lambda-event-from-api-gateway/
I want my same lambda function to handle requests of content-type : text/plain, x-www-form-urlencoded also.
The problem with integration template is that we have to define the content-type before hand. So if I make a integration template of Content-type: text/plain how can I call that integration template when the api request of text/plain is made to the url.
How can I invoke different integration templates based on the Content-Type of the api request?
any tips on that?
Thanks.
I don't know whether I got your problem right r not.
From my understanding if you are passing any header information or query string parameters and the content type is text/plain you can map the template like this
{
"prod_Id" : "$input.params('prod_Id')"
}
where product id can be the header or query string parameter.
you can find it in my blog in 'how to pass query string section
I have a HTTP "rest" web service API that I am creating for accessing user data.
The web service integrates with a XACML policy decision point. The policy decision point determines if the request is authorized as a function of the user and the data being accessed. Generally, the response is "permit" (action is allowed) or "deny" (action is not allowed).
If permit, then the call continues and data is returned.
If deny, then the call is aborted and an HTTP 403 (forbidden) is returned.
However, certain policies have "obligations" to indicate that the action is conditionally allowed with further action. The analogy that I generally use is the "this credit card transaction may be allowed, but the clerk needs to view the customer's ID, and then make this call again asserting that the ID matches the credit card".
In my web service, I want to prompt the client to take action and include additional information in the request URL to indicate that the obligation was met. I am communicating this information with structured body response understood by the client application.
My question is what is the appropriate HTTP status code to use in the scenario.
"403" would not be appropriate (text from HTTP spec Authorization will not help and the request SHOULD NOT be repeated).
My best guess would "401" (unauthorized), but I am not sure if this status code is specifically around the use of the authorization header and username/password type of concerns.
Maybe you could use the HTTP status code 303 or 307 to point the user to a temporary redirect location that somehow encodes the extra "obligation"?
A 401 response seems reasonable to me. The HTTP authentication mechanism is extensible, so you could conceivably create a custom authentication scheme so that you are properly setting the WWW-Authenticate header as required by the RFC. Browsers won't know what to do with your custom scheme, but I assume your clients aren't browsers anyway, if they have to understand what an obligation is.
Example request sequence:
PUT /some/resource/that/has/obligations HTTP/1.1
Content-Type: application/json
Authorization: token my-oauth-token
HTTP/1.1 401 Unauthorized
WWW-Authenticate: obligation urn:my-app:my-obligation;param1;param2
PUT /some/resource/that/has/obligations HTTP/1.1
Content-Type: application/json
Authorization: token my-oauth-token
Authorization: obligation urn:my-app:my-obligation:result=ok
HTTP/1.1 201 Created
Location: /some/resource/that/has/obligations/1
Another option would be to return a 202 on the initial post or put, and then confirm it on a later post. This option would require a little more state management server side, since you'd first accept the operation, and then wait for the client to confirm it.
PUT /some/resource/that/has/obligations HTTP/1.1
Content-Type: application/json
Authorization: token my-oauth-token
HTTP/1.1 202 Accepted
Location: /some/resource/that/has/obligations/1
X-Obligation: urn:my-app:my-obligation;param1;param2
POST /some/resource/that/has/obligations/1 HTTP/1.1
Content-Type: application/json
Authorization: token my-oauth-token
X-Obligation: urn:my-app:my-obligation;result=ok
HTTP/1.1 200 OK
One thing to always keep in mind with obligations, though... they're always enforced client-side, so unless the obligation involves hitting another service that your service can double-check against, you never know if the client actually performed the obligation. If you don't control the client, then obligations are really just theatre.
I am trying to connect to a REST API, using C#.
I was able to successfully do some GET request but POST kept giving me 401 Authentication error.
I have gone ahead and downloaded fiddler and this is what my requests look like:
GET (Works)
Request Headers
GET https: //hello.myurl.com/api HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Accept: application/xml
Authorization: Basic ***************************************************************************************************
Host: hello.myurl.com
-
POST (Doesn't work)
Request Headers
POST https: //hello.myurl.com/api HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Accept: application/xml
Authorization: Basic ***************************************************************************************************
Host: hello.myurl.com
Content-Length: 12
Request Body
status=hello
(* same in both using
String authinfo = "username:password";
Convert.ToBase64String(Encoding.ASCII.GetBytes(authInfo));
Any ideas why?
I'd consult the API documentation for that particular URL. GET requests are simply requesting a readonly version of data, a POST request is implying that you are making a change to a certain URL, so it's possible that the API allows GET requests without authentication, but requires authentication on the POST request.
In your case I'd hazard a guess that your authentication is not correct, but it's just being ignored on the GET request as it doesnt need authentication.